0

In my current setup, I have a server running at home that my laptop can connect to remotely (e.g., from Starbucks) via SSH. To do this, I needed to get a static IP from my ISP (since they use CGNAT), and my router at home forwards a port to my server.

I'm moving soon and won't have access to the router at my new address and probably won't have a static IP either. But, I'd still like to be able to remotely access my server which will also live at this new address.

Based on my limited understanding of networking, here's my plan: First, I'll rent a VPS and run my own wireguard VPN on this VPS. Then, I can connect both my laptop (from Starbucks) and home server (connected to some router, potentially behind CGNAT too) to the VPN running on this VPS.

Will this work? Are there things that could complicate this?

Adrian
  • 3
  • 1

1 Answers1

2

Yes you can install VPN on a VPS and use that to connect to your home network.

The architecture for this kind of VPN is called hub-and-spoke and can be done easily with WireGuard.

The setup on server is the same as the classic tutorial. That is you have to tell which peers are connected to the server.

The setup is not that hard on the clients since all you have to change is the net mask in the AllowedIPs portion of the configuration file.

The default is /32 which means only that specific ip address is allowed to connect.

If you change it to /24 then it means all hosts on the subnet ending on 1 through 254 in the ip adresse is allowed to connect.

Assuming the VPN subnet is 192.168.100.0/24 and server is having the VPN address 192.168.100.1 then you have to change the allowedIPs on all clients from 192.168.100.1/32 to 192.168.100.0/24.

Lasse Michael Mølgaard
  • 947
  • 10
  • 27
  • Thank you so much! Your comment was concise and insightful. I've just set this up and it's working flawlessly! – Adrian Oct 02 '22 at 03:02